Because the subject is so pertinent, and because news of millions of computers being remotely controlled by computer pirates has spread in recent weeks, I am posting an article that I published in 2002, whose content is still up to date.
Please note that your computer may not seem of interest at first sight, but it may still be quite tempting to the enigmatic hackers out there!
The news:
- 16 year-old hacker controlling 75 thousand computers
- 1% of computers infected with bots are Portuguese
- One of the largest SPAM nets in the world ready to be dismantled
- A great net of zombie computers dismantled
The article:
"Many customers ask us the same question:
People talk so much about computer security, and companies spend millions; where does the danger really lie?
No doubt, this is an interesting but complex subject, given the variety of existing technologies and the way they are usually developed.
First, it is essential to understand that any computer with access to the "exterior" is prone to being "attacked." It doesn't matter whether it is a computer that seldom connects to the Internet through a simple analog modem, or a computer or network of computers permanently linked to the Internet by cable, ADSL or another type of dedicated connection, although in the latter cases the probability of danger is substantially larger.
- External, attacked?!? What does that mean?
The simple act of connecting a computer to the Internet to view websites, to send or receive e-mail, or any other form of connection to another computer can make it prone to being "attacked."
"Attack" is the expression usually used to describe the execution of unwanted tasks. In most cases, the user of the computer system doesn't even know about their execution.
For instance, a website you access can contain hidden "malicious" code that executes instructions such as:
- Install a "hidden" program.
- Send out the information on your computer, such as data files, system information, typed passwords, etc.
Many small companies and private users say:
"I don't keep important information on my computer..."
1 - Maybe not, but... have you ever stopped to think why it is so extremely difficult to catch a computer pirate?
Suppose you access a website that automatically installs a program on your computer without your knowing.
What can that program do? For instance, it can be used to attack other computers on the Internet from your computer! That way, the computer pirate is not only using your computer - he is also leaving you to answer for something that you didn't even know about.
It is worth emphasising that several countries have laws on this subject, and many others are well on the way to developing them. Those laws make companies responsible when they are used to attack others, and they seek to reinforce computer security in those companies and keep it under constant monitoring.
2 – Consider the case of a virus that, for instance, would spread all over the world by using the contacts in your e-mail address list.
3 - Suppose that the program the pirate installs on your computer is for "reading" all of the passwords you type and then sending them automatically to the author of the program, by e-mail or by any other means, without your even noticing.
Now imagine that you use a home banking system (banking operations over the Internet) and that, knowing all your codes, the computer pirate can pass himself off as you in the bank system you use and make a wire transfer of funds in his own favour.
4 - In the same way, it is not at all pleasant that anyone might be able to access your private financial information, the e-mails you send and receive from friends, your private family pictures, etc.
People just don't realise the potential danger they face every day through the lack of good computer security systems.
But they usually want to know:
There are so many people on the Internet; how would they find me? And is it easy to write those programs and access my computer?
Usually, they don't need to find us – it is we who go to them, when accessing the Internet, for instance. There are also programs that are very easy to use - any child can use them – which automatically search the computers connected to the Internet and automatically spot their weaknesses...
How? We do not intend to explain any technical details here, but every computer linked to the Internet has an IP address, which, like a telephone number, uniquely identifies every computer connected to the Internet. Imagine that the program makes "phone calls via the Internet" until it finds a number, an IP, that replies. On getting an answer, the program analyses to what extent that "telephone number" – a computer – is weak or strong, just by using a battery of ordinary tests...
These simple programs, which certain pirates run day and night, generate a report that is analysed later on to decide which are the most suitable targets to attack.
This is just one of the countless ways to reach you, and you may not even realise it.
And… what's the level of danger for companies? - Exponentially larger... Companies are, in most cases, a much more inviting target than a private user, because of the volume of business they handle, because of the information they may store, because of the competition they may represent, etc.
Usually, business networks have computers with a 24/7 Internet connection. The voluntary public exposure of these companies facilitates the whole identification and exploration process.
While a private user can disconnect his or her computer from the Internet - which complicates the computer pirates' job a bit - a company would rarely do such a thing, so a pirate can take his or her time to explore calmly and find the best way of breaking through whatever barriers may be there to prevent him or her from achieving that goal.
Apart from all the dangers that private users face, companies can suffer even more serious consequences from computer security mistakes:
The loss of information in a company can be disastrous:
1 – Imagine, for instance, what would happen if all the billing data, customers, and products were purely and simply deleted and could not be recovered.
2 - Or if your company's confidential data fell into the wrong hands...
3 - The loss in productivity resulting from a slower system, because its computer resources are being used by computer pirates to attack other targets.
4 - Or imagine the lack of credibility and the bad image generated in the market - namely among your investors and customers – because of your lack of computer security and data confidentiality.
5 - Although your data may not be important, if a computer pirate can use a company's computers, estimate the effort - and the cost – of making them 100% operational again... In a small company, it may take 2 or 3 days of significant work. But can you imagine what it would take to do that in a big corporation with more than 10,000 workers...?
These are just some of the many examples we could mention of serious losses due to the lack of a reliable and coherent computer security system in a company.
It is also important to emphasise that computer security is not just related - in theory – to computer piracy, but also to other relevant incidents such as natural disasters, accidents, terrorism, sabotage and, as ridiculous as it may seem, internal factors, which are responsible for more than 70% of computer problems and losses at the present time!
1 - Think of a fire destroying your office entirely. Are you protected by backups? Even if you have made those backup copies, are they in a safe place, or were they also destroyed by the fire?
2 - What would happen if your computer technician unintentionally deleted the database containing your customers' data (yes... that one, the one you use for emailing…)?
3 - Or… how would you go about it if a virus invaded your company and every Word and Excel document were deleted or hopelessly damaged?
4 - Maybe you are a bit sceptical, but most problems result, precisely, from misuse or internal abuse of a computer system. Sometimes intentionally, sometimes passively, as in the case of unhappy employees using wrong or unsafe system access, or spreading relevant confidential information about the company, or purely and simply because, when they surf the web and receive the famous e-mails containing PPS presentations, jokes, etc., they are also receiving a virus that will spread to all the computers in the company.
Many private users and entrepreneurs don't fully, or even partially, understand the importance of these and other subjects connected with computer security. For that reason, dozens of companies and thousands of private users around the world discover damage to their computer systems every day, meaning several thousand million euros wasted on data loss, emergency system updates, computer technicians, technical support, etc.
But what can you do to avoid this type of problem? I cannot give you a 100% guarantee of an answer that solves or avoids them. What I can give you is a series of procedures, actions, and infrastructures to implement, so that you can try to avoid these awful situations and minimise them as far as possible.
Apart from simply installing a firewall (a program that restricts access, both internal and external, on a computer or a network of computers), it is necessary to implement concrete and coherent computer security policies – a practical, powerful, and functional antivirus and an efficient backup system, among many other scalable solutions that cater for every customer's needs.
Luis Miguel Gonçalves – 2002”